Sr GRC Analyst

About The Company:

iLink Digital is a Global Software Solution Provider and Systems Integrator, delivers next-generation technology solutions to help clients solve complex business challenges, improve organizational effectiveness, increase business productivity, realize sustainable enterprise value and transform your business inside-out. iLink integrates software systems and develops custom applications, components, and frameworks on the latest platforms for IT departments, commercial accounts, application services providers (ASP) and independent software vendors (ISV). iLink solutions are used in a broad range of industries and functions, including healthcare, telecom, government, oil and gas, education, and life sciences. iLink’s expertise includes Cloud Computing & Application Modernization, Data Management & Analytics, Enterprise Mobility, Portal, collaboration & Social Employee Engagement, Embedded Systems and User Experience design etc.

 

What makes iLink's offerings unique is the fact that we use pre-created frameworks, designed to accelerate software development and implementation of business processes for our clients. iLink has over 60 frameworks (solution accelerators), both industry-specific and horizontal, that can be easily customized and enhanced to meet your current business challenges.

Requirements

Requirements

Security GRC Analyst

·         Strong understanding of Information Security principles and technologies, technical information, and security concepts.

·         Demonstrated conceptual, analytical, and innovative problem-solving and evaluative skills, and an ability to conduct independent research and analysis, identify issues, formulate options, and make conclusions.

·         Understanding of existing and emerging technologies.

·         Project management skills – planning, status reporting, issues resolution, risk mitigation.

·         Ability to multi-task and handle multiple projects at the same time.

·         Highly effective communication with all levels of the organization, including senior and executive management.

·         Ability to deliver high-quality documentation deliverables including business requirements documents, design documents, test cases, and end user training guides.

·         Strong organizational, interpersonal and presentation skills.

·         Excellent written and oral communication skills.

 

Qualifications

 

·         Bachelor’s Degree in Information Technology, Computer Information Systems, Risk Management, Computer Science, Cybersecurity, or equivalent educational or professional experience/qualifications.

·         Hands-on knowledge of SOC2 or ISO27001 audit controls and certification.

·         Knowledge of GRC management systems such as Archer or Audit Board.

·         Understanding of security controls (e.g. access control, auditing, authentication, encryption, data integrity, physical security, and application security).

·         Team-oriented with experience working with diverse teams.

 

1.           Support security compliance and certification functions such as SOC2.

2.           Participate in internal security risk assessments.

3.           Work with third party auditors for all SOC2 assessments, populations, and related auditing activities.

4.           Manage all internal SOC2 compliance activities and assign to owners.

5.           Work under the direction of the Landmark Security Lead in supporting security risk management, third-party risk management, security maturity assessments, cloud security governance and reporting efforts.

6.           Program manage GRC security monthly and quarterly processes

7.           Develop and update GRC security metrics and work with other security pillars to obtain relevant risk metrics.

8.           Assist with the continuous monitoring of security GRC functions, developing executive reporting.

9.           Update the risk register continuously as risks are noted.

10.        Develop strong working relationships with support teams, management, and cross functional working groups.

11.        Manage status and reporting on activities, issues, projects, etc. to team leadership.

12.        Strengthen technical ability to understand third party security risk and mitigating/compensating controls.

13.        Stay current on security industry trends, attack techniques, mitigation techniques, and security technologies by attending conferences, networking with peers, and other educational opportunities.

14.        Draft and communicate “Requests for information” for all critical vendors as it relates to current vulnerabilities or other security findings.

15.        Update vendor inventory with risk rating, approvals, date reviewed, and date types.

Benefits

• Competitive salaries
  
• Medical Insurance
  
• Employee Referral Bonuses
  
• Performance Based Bonuses
  
• Flexible Work Options & Fun Culture
  
• Robust Learning & Development Programs
  
• In-House Technology Training